Merge branch 'main' into feat/document-auth

2025-11-16 01:32:06 +10:00 · 2024-03-26 21:36:58 +08:00
parent c0fb5caf9c 006b732edb
commit 844261c35c
43 changed files with 1986 additions and 112 deletions
--- a/packages/trpc/server/auth-router/router.ts
+++ b/packages/trpc/server/auth-router/router.ts
@ -1,15 +1,31 @@
+import type { RegistrationResponseJSON } from '@simplewebauthn/types';
 import { TRPCError } from '@trpc/server';
+import { parse } from 'cookie-es';
 import { env } from 'next-runtime-env';

 import { IS_BILLING_ENABLED } from '@documenso/lib/constants/app';
 import { AppError, AppErrorCode } from '@documenso/lib/errors/app-error';
 import { ErrorCode } from '@documenso/lib/next-auth/error-codes';
+import { createPasskey } from '@documenso/lib/server-only/auth/create-passkey';
+import { createPasskeyRegistrationOptions } from '@documenso/lib/server-only/auth/create-passkey-registration-options';
+import { createPasskeySigninOptions } from '@documenso/lib/server-only/auth/create-passkey-signin-options';
+import { deletePasskey } from '@documenso/lib/server-only/auth/delete-passkey';
+import { findPasskeys } from '@documenso/lib/server-only/auth/find-passkeys';
 import { compareSync } from '@documenso/lib/server-only/auth/hash';
+import { updatePasskey } from '@documenso/lib/server-only/auth/update-passkey';
 import { createUser } from '@documenso/lib/server-only/user/create-user';
 import { sendConfirmationToken } from '@documenso/lib/server-only/user/send-confirmation-token';
+import { extractNextApiRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';

 import { authenticatedProcedure, procedure, router } from '../trpc';
-import { ZSignUpMutationSchema, ZVerifyPasswordMutationSchema } from './schema';
+import {
+  ZCreatePasskeyMutationSchema,
+  ZDeletePasskeyMutationSchema,
+  ZFindPasskeysQuerySchema,
+  ZSignUpMutationSchema,
+  ZUpdatePasskeyMutationSchema,
+  ZVerifyPasswordMutationSchema,
+} from './schema';

 const NEXT_PUBLIC_DISABLE_SIGNUP = () => env('NEXT_PUBLIC_DISABLE_SIGNUP');

@ -78,4 +94,126 @@ export const authRouter = router({

      return valid;
    }),
+
+  createPasskey: authenticatedProcedure
+    .input(ZCreatePasskeyMutationSchema)
+    .mutation(async ({ ctx, input }) => {
+      try {
+        // eslint-disable-next-line @typescript-eslint/consistent-type-assertions
+        const verificationResponse = input.verificationResponse as RegistrationResponseJSON;
+
+        return await createPasskey({
+          userId: ctx.user.id,
+          verificationResponse,
+          passkeyName: input.passkeyName,
+          requestMetadata: extractNextApiRequestMetadata(ctx.req),
+        });
+      } catch (err) {
+        console.error(err);
+
+        throw AppError.parseErrorToTRPCError(err);
+      }
+    }),
+
+  createPasskeyRegistrationOptions: authenticatedProcedure.mutation(async ({ ctx }) => {
+    try {
+      return await createPasskeyRegistrationOptions({
+        userId: ctx.user.id,
+      });
+    } catch (err) {
+      console.error(err);
+
+      throw new TRPCError({
+        code: 'BAD_REQUEST',
+        message:
+          'We were unable to create the registration options for the passkey. Please try again later.',
+      });
+    }
+  }),
+
+  createPasskeySigninOptions: procedure.mutation(async ({ ctx }) => {
+    const sessionIdToken = parse(ctx.req.headers.cookie ?? '')['next-auth.csrf-token'];
+
+    if (!sessionIdToken) {
+      throw new Error('Missing CSRF token');
+    }
+
+    const [sessionId] = decodeURI(sessionIdToken).split('|');
+
+    try {
+      return await createPasskeySigninOptions({ sessionId });
+    } catch (err) {
+      console.error(err);
+
+      throw new TRPCError({
+        code: 'BAD_REQUEST',
+        message: 'We were unable to create the options for passkey signin. Please try again later.',
+      });
+    }
+  }),
+
+  deletePasskey: authenticatedProcedure
+    .input(ZDeletePasskeyMutationSchema)
+    .mutation(async ({ ctx, input }) => {
+      try {
+        const { passkeyId } = input;
+
+        await deletePasskey({
+          userId: ctx.user.id,
+          passkeyId,
+          requestMetadata: extractNextApiRequestMetadata(ctx.req),
+        });
+      } catch (err) {
+        console.error(err);
+
+        throw new TRPCError({
+          code: 'BAD_REQUEST',
+          message: 'We were unable to delete this passkey. Please try again later.',
+        });
+      }
+    }),
+
+  findPasskeys: authenticatedProcedure
+    .input(ZFindPasskeysQuerySchema)
+    .query(async ({ input, ctx }) => {
+      try {
+        const { page, perPage, orderBy } = input;
+
+        return await findPasskeys({
+          page,
+          perPage,
+          orderBy,
+          userId: ctx.user.id,
+        });
+      } catch (err) {
+        console.error(err);
+
+        throw new TRPCError({
+          code: 'BAD_REQUEST',
+          message: 'We were unable to find passkeys. Please try again later.',
+        });
+      }
+    }),
+
+  updatePasskey: authenticatedProcedure
+    .input(ZUpdatePasskeyMutationSchema)
+    .mutation(async ({ ctx, input }) => {
+      try {
+        const { passkeyId, name } = input;
+
+        await updatePasskey({
+          userId: ctx.user.id,
+          passkeyId,
+          name,
+          requestMetadata: extractNextApiRequestMetadata(ctx.req),
+        });
+      } catch (err) {
+        console.error(err);
+
+        throw new TRPCError({
+          code: 'BAD_REQUEST',
+          message: 'We were unable to update this passkey. Please try again later.',
+        });
+      }
+    }),
 });
--- a/packages/trpc/server/auth-router/schema.ts
+++ b/packages/trpc/server/auth-router/schema.ts
@ -1,5 +1,8 @@
 import { z } from 'zod';

+import { ZBaseTableSearchParamsSchema } from '@documenso/lib/types/search-params';
+import { ZRegistrationResponseJSONSchema } from '@documenso/lib/types/webauthn';
+
 export const ZCurrentPasswordSchema = z
  .string()
  .min(6, { message: 'Must be at least 6 characters in length' })
@ -32,6 +35,29 @@ export const ZSignUpMutationSchema = z.object({
    .optional(),
 });

+export const ZCreatePasskeyMutationSchema = z.object({
+  passkeyName: z.string().trim().min(1),
+  verificationResponse: ZRegistrationResponseJSONSchema,
+});
+
+export const ZDeletePasskeyMutationSchema = z.object({
+  passkeyId: z.string().trim().min(1),
+});
+
+export const ZUpdatePasskeyMutationSchema = z.object({
+  passkeyId: z.string().trim().min(1),
+  name: z.string().trim().min(1),
+});
+
+export const ZFindPasskeysQuerySchema = ZBaseTableSearchParamsSchema.extend({
+  orderBy: z
+    .object({
+      column: z.enum(['createdAt', 'updatedAt', 'name']),
+      direction: z.enum(['asc', 'desc']),
+    })
+    .optional(),
+});
+
 export type TSignUpMutationSchema = z.infer<typeof ZSignUpMutationSchema>;

 export const ZVerifyPasswordMutationSchema = ZSignUpMutationSchema.pick({ password: true });
--- a/packages/trpc/server/document-router/router.ts
+++ b/packages/trpc/server/document-router/router.ts
@ -9,6 +9,7 @@ import { duplicateDocumentById } from '@documenso/lib/server-only/document/dupli
 import { findDocumentAuditLogs } from '@documenso/lib/server-only/document/find-document-audit-logs';
 import { getDocumentById } from '@documenso/lib/server-only/document/get-document-by-id';
 import { getDocumentAndSenderByToken } from '@documenso/lib/server-only/document/get-document-by-token';
+import { getDocumentWithDetailsById } from '@documenso/lib/server-only/document/get-document-with-details-by-id';
 import { resendDocument } from '@documenso/lib/server-only/document/resend-document';
 import { searchDocumentsWithKeyword } from '@documenso/lib/server-only/document/search-documents-with-keyword';
 import { sendDocument } from '@documenso/lib/server-only/document/send-document';
@ -24,6 +25,7 @@ import {
  ZFindDocumentAuditLogsQuerySchema,
  ZGetDocumentByIdQuerySchema,
  ZGetDocumentByTokenQuerySchema,
+  ZGetDocumentWithDetailsByIdQuerySchema,
  ZResendDocumentMutationSchema,
  ZSearchDocumentsMutationSchema,
  ZSendDocumentMutationSchema,
@ -71,6 +73,24 @@ export const documentRouter = router({
      }
    }),

+  getDocumentWithDetailsById: authenticatedProcedure
+    .input(ZGetDocumentWithDetailsByIdQuerySchema)
+    .query(async ({ input, ctx }) => {
+      try {
+        return await getDocumentWithDetailsById({
+          ...input,
+          userId: ctx.user.id,
+        });
+      } catch (err) {
+        console.error(err);
+
+        throw new TRPCError({
+          code: 'BAD_REQUEST',
+          message: 'We were unable to find this document. Please try again later.',
+        });
+      }
+    }),
+
  createDocument: authenticatedProcedure
    .input(ZCreateDocumentMutationSchema)
    .mutation(async ({ input, ctx }) => {
--- a/packages/trpc/server/document-router/schema.ts
+++ b/packages/trpc/server/document-router/schema.ts
@ -33,6 +33,15 @@ export const ZGetDocumentByTokenQuerySchema = z.object({

 export type TGetDocumentByTokenQuerySchema = z.infer<typeof ZGetDocumentByTokenQuerySchema>;

+export const ZGetDocumentWithDetailsByIdQuerySchema = z.object({
+  id: z.number().min(1),
+  teamId: z.number().min(1).optional(),
+});
+
+export type TGetDocumentWithDetailsByIdQuerySchema = z.infer<
+  typeof ZGetDocumentWithDetailsByIdQuerySchema
+>;
+
 export const ZCreateDocumentMutationSchema = z.object({
  title: z.string().min(1),
  documentDataId: z.string().min(1),